Computing paradigms occasionally undergo rather dramatic shifts as underlying technologies change, significantly modifying the dominant use cases. Some of these revolutions are seen far in advance and are heralded by great fanfare, with the hype long preceding the actual payoffs. Others are more opportunistic in nature, leveraging a technology initially developed for another purpose, and the adoption of this technology starts altering practice without much notice from the broader community. Computing is now on the verge of such a “quiet revolution” having to do with inserting computation on the devices that connect computers to the network. This trend towards what are called SmartNICs (for computationally enhanced network interface cards) shows great promise in both making applications faster and in keeping data more secure. This project will focus on how to best leverage SmartNICs in order to improve application performance and security.

SmartNICs were originally designed to offload packet-processing from the host CPU, which processing is necessary in certain settings to perform encryption and other compute-intensive tasks on the data path. SmartNICs combine this packet-processing power with three other characteristics: (i) isolation from the host CPU, (ii) direct access to memory, and (iii) general programmability. It turns out that this combination gives SmartNICs the potential to play a powerful and unique role in the overall computational ecosystem. In particular, by sitting on the boundary between the network and hosts, they can change the interfaces being exposed to both, allowing SmartNICs to substantially improve application performance while also providing greater security and privacy. However, realizing these gains requires making progress on three separate issues. First, the hardware design of SmartNICs must combine several different units (a specialized packet-handling unit, an remote direct memory access unit, and a general computation unit), and provide fast interconnections between them and with the host memory. The design space is vast, and there is little agreement on what designs represent the best trade-offs. Second, these SmartNICs must offer applications a set of primitives that can improve their performance and security. These primitives must be chosen wisely to be feasible for SmartNICs to support while being easy for applications to leverage for better performance and security. Third, verification tools are needed to ensure that the programs on the SmartNIC are correctly executed and that the overall system -- running on multiple hosts and their SmartNICs -- is correct. This will require extensions to current verification techniques.

This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.

Project Start
Project End
Budget Start
Budget End
Support Year
Fiscal Year
Total Cost
Indirect Cost
New York University
New York
United States
Zip Code